diff --git a/nixos/containers/default.nix b/nixos/containers/default.nix index 8beac9ee..e4499d98 100644 --- a/nixos/containers/default.nix +++ b/nixos/containers/default.nix @@ -8,17 +8,18 @@ ../common/services/promtail.nix ../common/services/telegraf.nix ../common/services/tailscale.nix + ../common/services/openssh.nix ]; # Generic Tailscale configs are in /nixos/common/services/tailscale.nix # Set up the secrets file: -# sops.secrets."tailscale_key" = { -# owner = "root"; -# sopsFile = ../../secrets/containers/${hostname}.yaml; -# restartUnits = [ -# "tailscaled.service" -# "tailscaled-autoconnect.service" -# ]; -# }; -# services.tailscale.authKeyFile = "/run/secrets/tailscale_key"; + sops.secrets."tailscale_key" = { + owner = "root"; + sopsFile = ../../secrets/containers/${hostname}.yaml; + restartUnits = [ + "tailscaled.service" + "tailscaled-autoconnect.service" + ]; + }; + services.tailscale.authKeyFile = "/run/secrets/tailscale_key"; networking.hostName = "${hostname}"; } diff --git a/nixos/containers/mounts.nix b/nixos/containers/mounts.nix index d0abada3..2bcaf4c9 100644 --- a/nixos/containers/mounts.nix +++ b/nixos/containers/mounts.nix @@ -1,7 +1,7 @@ { "/etc/ssh" = { hostPath = "/etc/ssh"; - mountPath = "/etc/ssh"; + mountPoint = "/etc/ssh"; isReadOnly = true; }; } diff --git a/nixos/containers/rdesktop/mounts.nix b/nixos/containers/rdesktop/mounts.nix index cf3cfbbb..f6040fa0 100644 --- a/nixos/containers/rdesktop/mounts.nix +++ b/nixos/containers/rdesktop/mounts.nix @@ -1,5 +1,7 @@ -"/etc/nixos/git" = { - hostPath = "/etc/nixos/git"; - mountPoint = "/etc/nixos/git"; - isReadOnly = false; +{ + "/etc/nixos/git" = { + hostPath = "/etc/nixos/git"; + mountPoint = "/etc/nixos/git"; + isReadOnly = false; + }; }